/*
 * Copyright 2020-2030 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.gitee.minimalismstyle.fresh.oauth.filter

import org.springframework.security.authentication.AuthenticationServiceException
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.Authentication
import org.springframework.security.core.AuthenticationException
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
import org.springframework.security.web.util.matcher.AntPathRequestMatcher
import org.springframework.util.Assert

import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse

/**
 * 手机号登录验证filter
 * @author maoxiaodong
 */
class MobileAuthenticationFilter : AbstractAuthenticationProcessingFilter(AntPathRequestMatcher("/mobile/login", "POST")) {
    var usernameParameter = SPRING_SECURITY_FORM_MOBILE_KEY
        private set
    var passwordParameter = SPRING_SECURITY_FORM_SMSCODE_KEY
        private set
    private var postOnly = true

    override fun attemptAuthentication(request: HttpServletRequest, response: HttpServletResponse): Authentication {
        if (this.postOnly && request.method != "POST") {
            throw AuthenticationServiceException("Authentication method not supported: " + request.method)
        } else {
            var mobile: String? = this.obtainMobile(request)
            var smscode: String? = this.obtainSmscode(request)
            if (mobile == null) {
                mobile = ""
            }

            if (smscode == null) {
                smscode = ""
            }

            mobile = mobile.trim { it <= ' ' }
            val authRequest = UsernamePasswordAuthenticationToken(mobile, smscode)
            this.setDetails(request, authRequest)
            return this.authenticationManager.authenticate(authRequest)
        }
    }

    private fun obtainSmscode(request: HttpServletRequest): String {
        return request.getParameter(this.passwordParameter)
    }

    private fun obtainMobile(request: HttpServletRequest): String {
        return request.getParameter(this.usernameParameter)
    }

    private fun setDetails(request: HttpServletRequest, authRequest: UsernamePasswordAuthenticationToken) {
        authRequest.details = this.authenticationDetailsSource.buildDetails(request)
    }

    fun setMobileParameter(mobileParameter: String) {
        Assert.hasText(mobileParameter, "mobile parameter must not be empty or null")
        this.usernameParameter = mobileParameter
    }

    fun setSmscodeParameter(smscodeParameter: String) {
        Assert.hasText(smscodeParameter, "smscode parameter must not be empty or null")
        this.passwordParameter = smscodeParameter
    }

    fun setPostOnly(postOnly: Boolean) {
        this.postOnly = postOnly
    }

    companion object {
        const val SPRING_SECURITY_FORM_MOBILE_KEY = "mobile"
        const val SPRING_SECURITY_FORM_SMSCODE_KEY = "smscode"
    }
}

